Flexible and Robust Privacy-Preserving Implicit Authentication

Domingo-Ferrer, Josep; Wu, Qianhong; Blanco-Justicia, Alberto

doi:10.1007/978-3-319-18467-8_2

Cited by 11 publications

(20 citation statements)

References 20 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Many existing contextual authentication proposals, summarised in Table 1, use device measurements in unprotected form-giving rise to privacy concerns especially when authentication decisions are outsourced to a remote server [8,23,28]. As noted previously, studies have already shown that users are generally reluctant towards disclosing, in particular, their GPS location to device applications [3][4][5]9].…”

Section: Discussionmentioning

confidence: 99%

“…Current approaches to privacy-enhancing continuous authentication have employed homomorphic encryption, e.g. Paillier [19], and garbled circuits for two-party computation (2PC) [8,12,23,28]. However, challenges still remain with respect computational complexity and storage overhead, which is exemplified by worst cases of 31.2s and 45.9s to compute authentication decisions in [8] and [28] respectively.…”

Section: Discussionmentioning

confidence: 99%

“…However, while a security proof is provided, the scheme is neither implemented nor evaluated in practice. Domingo-Ferrer et al [8] develop the work from [23] by presenting an additional approach based on the set intersection of homomorphically encrypted feature vectors to authenticate users. The set intersection is used to compute the dissimilarity function between the encrypted user profile and incoming feature vectors to support categorical features, beyond only numerical features supported in [23].…”

Section: Privacy-enhancing Continuous Authenticationmentioning

confidence: 99%

See 2 more Smart Citations

Privacy-Enhancing Context Authentication from Location-Sensitive Data

Mainali¹,

Shepherd²,

Petitcolas³

2019

Proceedings of the 14th International Conference on Availability, Reliability and Security

View full text Add to dashboard Cite

This paper proposes a new privacy-enhancing, context-aware user authentication system, ConSec, which uses a transformation of general location-sensitive data, such as GPS location, barometric altitude and noise levels, collected from the user's device, into a representation based on locality-sensitive hashing (LSH). The resulting hashes provide a dimensionality reduction of the underlying data, which we leverage to model users' behaviour for authentication using machine learning. We present how ConSec supports learning from categorical and numerical data, while addressing a number of on-device and network-based threats. ConSec is implemented subsequently for the Android platform and evaluated using data collected from 35 users, which is followed by a security and privacy analysis. We demonstrate that LSH presents a useful approach for context authentication from location-sensitive data without directly utilising plain measurements. CCS CONCEPTS• Security and privacy → Authentication; Privacy-preserving protocols; Mobile and wireless security.

show abstract

Section: Discussionmentioning

confidence: 99%

Section: Discussionmentioning

confidence: 99%

Section: Privacy-enhancing Continuous Authenticationmentioning

confidence: 99%

See 1 more Smart Citation

Privacy-Enhancing Context Authentication from Location-Sensitive Data

Mainali¹,

Shepherd²,

Petitcolas³

2019

Proceedings of the 14th International Conference on Availability, Reliability and Security

View full text Add to dashboard Cite

show abstract

“…The collection of these data, however, may be too privacy-invasive. Proposals such as those by Safa et al (2014), Domingo-Ferrer et al (2015) and Blanco-Justicia and Domingo-Ferrer (2018) make use of homomorphic encryption and secure multiparty computation to authenticate users from their past behaviour without forcing them to disclose their profiles.…”

Section: Implicit Authenticationmentioning

confidence: 99%

Privacy-Preserving Technologies

Domingo-Ferrer

Blanco-Justicia

2020

The International Library of Ethics, Law and Technology

Self Cite

View full text Add to dashboard Cite

This chapter introduces privacy and data protection by design, and reviews privacy-enhancing techniques (PETs). Although privacy by design includes both technical and operational measures, the chapter focuses on the technical measures. First, it enumerates design strategies. Next, it considers privacy-enhancing techniques that directly address the hide strategy, but also aid in implementing the separate, control and enforce strategies. Specifically, it addresses PETs for: (1) identification, authentication and anonymity; (2) private communications; (3) privacy-preserving computations; (4) privacy in databases; and (5) discrimination prevention in data mining.

show abstract

Section: Implicit Authenticationmentioning

confidence: 99%

The Ethics of Cybersecurity

Christen¹,

Gordijn²,

Loi³

2020

The International Library of Ethics, Law and Technology

View full text Add to dashboard Cite

Technologies are developing faster and their impact is bigger than ever before. Synergies emerge between formerly independent technologies that trigger accelerated and unpredicted effects. Alongside these technological advances new ethical ideas and powerful moral ideologies have appeared which force us to consider the application of these emerging technologies. In attempting to navigate utopian and dystopian visions of the future, it becomes clear that technological progress and its moral quandaries call for new policies and legislative responses. Against this backdrop this new book series from Springer provides a forum for interdisciplinary discussion and normative analysis of emerging technologies that are likely to have a significant impact on the environment, society and/or humanity. These will include, but be no means limited to nanotechnology, neurotechnology, information technology, biotechnology, weapons and security technology, energy technology, and space-based technologies.

show abstract

Flexible and Robust Privacy-Preserving Implicit Authentication

Cited by 11 publications

References 20 publications

Privacy-Enhancing Context Authentication from Location-Sensitive Data

Privacy-Enhancing Context Authentication from Location-Sensitive Data

Privacy-Preserving Technologies

The Ethics of Cybersecurity

Contact Info

Product

Resources

About